779c5dfd9c216312b602ebb5b7d21a3a8177c2a88da8edeab8a40a57f688a642 | Triage

Sharing

General

Target

b474a6bc71624c7b4586013e4c7242e5_JaffaCakes118
Size

284KB
Sample

240616-wlevssvdpj
MD5

b474a6bc71624c7b4586013e4c7242e5
SHA1

115a72d17691ff39bebbd7fd2ac1c2b3aee5b5a1
SHA256

779c5dfd9c216312b602ebb5b7d21a3a8177c2a88da8edeab8a40a57f688a642
SHA512

589424fb1966e4b076ef5ab18f51915be36ac048df89cf5b44a90ed3db0a4ecf149ecd16407b4203b9e7d4ed64d822a67f655d63ac3556abd1d83c0329e50fb0
SSDEEP

6144:pG1Af3k5aL3Lbii5bkgVuN+xSKV7Wkrsf7LsMKceSP:pGaf05a7XikbkgaISKVsVem

Score

7^/10

Malware Config

Targets

- Target
  
  b474a6bc71624c7b4586013e4c7242e5_JaffaCakes118
- Size
  
  284KB
- MD5
  
  b474a6bc71624c7b4586013e4c7242e5
- SHA1
  
  115a72d17691ff39bebbd7fd2ac1c2b3aee5b5a1
- SHA256
  
  779c5dfd9c216312b602ebb5b7d21a3a8177c2a88da8edeab8a40a57f688a642
- SHA512
  
  589424fb1966e4b076ef5ab18f51915be36ac048df89cf5b44a90ed3db0a4ecf149ecd16407b4203b9e7d4ed64d822a67f655d63ac3556abd1d83c0329e50fb0
- SSDEEP
  
  6144:pG1Af3k5aL3Lbii5bkgVuN+xSKV7Wkrsf7LsMKceSP:pGaf05a7XikbkgaISKVsVem
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2